What Is Malware ?

Malware is a piece of malicious codes which are injected to your website without your knowledge by malicious hackers and intruders with specific intention - to use your web server as the source to launch a targeted attack to another servers, black hat SEO linking purposes and the worst is to steal all the sensitive information which are transmitted on your websites.

The successful of injection of the piece of code usually is resulted from the outdated application codes used by your website or your web server has not been patched and secure up with the right measure. It could also originated from your terminal which has been infected by trojan, backdoor or viruses and steal your FTP information as you launch the connection to your website.

What If I am Infected?

Simple - Any visitors which browse your website will be blocked by their browsers agent and they will see the exact screen as warning which is pretty much very bad for an online business reputation!

What's the countermeasure ?

Free Malware Scanning By Symantec

This malware scanner easily brings you another layer of protection by the best and most trusted online security company known to man, Symantec™. With this FREE bonus feature included with any purchase of a Symantec SSL solution, you can be notified instantly of any malware infected pages on your public facing site, without having to download or install anything.

Frequently Asked Questions

How can I prevent my site from becoming a target for malware?

A typical website (even the simplest blog) may have thousands of potential vulnerabilities. By using vulnerability assessment to identify the most critical vulnerabilities for correction, you may reduce the risk of hackers finding your site and attacking it. Symantec SSL Certificates include daily scans for website malware and automatic weekly scans that look for vulnerabilities that hackers most commonly exploit.

How do I know if my website is free of malware?

Malicious code is hidden in the source code of your website and can be difficult to detect without line-by-line analysis. Some malware is activated by the display of a page and may not be detected without behavioral analysis of your code using a browser simulator. When you protect your website with a Symantec SSL Certificate, we include a free daily malware scanning service for your public web pages. If malware is detected, you will be directed to a list of infected pages and notified of the code causing the problem. Once you have deleted all instances of the code, you can request that your site be rescanned within 24 hours.

What does the service scan?

The daily website malware scanning service scans the website code located at the hostname used in the SSL certificate, including javascript and iframes. The service completes a static analysis of website code as well as behavioral analysis through a browser simulation to find code that may be activated by display of a page. The service does not scan every web page on your website, but reviews an optimal number of pages to identify malicious activity. It does not scan your network or search for malware on internal desktop computers or scan attachments or internal web pages that require sign-in.

What happens if malware is detected on my website?

If malware is discovered, you receive an email alert warning you of the malware infection with instructions to access the scan results within your Symantec Trust Center account or your Symantec Managed PKI for SSL console. The Website Security Services tab shows a list of infected pages and the code causing the problem. You or your website administrator can find and delete all instances of the malware and request that your site be rescanned within 24 hours.

When does the scanning service begin?

The website malware scanning service is activated automatically when your business has been authenticated. There is nothing to download or install for you or your customers. If you decide that you do not want your website protected by a daily website malware scan, simply sign in to the Symantec Trust Center or Symantec Managed PKI for SSL console to deactivate scanning.

Do I have to activate malware scanning for every SSL certificate?

Scanning occurs by hostname. You may have many servers, each one secured by a unique SSL certificate and all of them providing content to a single hostname. The scan is of the html pages located at the hostname, not the servers themselves. As long as you have one active SSL certificate with the hostname, malware scanning is activated. If you decide that you do not want your website protected by a daily malware scan, simply sign-in to the Symantec Trust Center or Symantec Managed PKI for SSL console to deactivate scanning of the hostname.

Can I customize the website malware scan?

Malware scanning may be turned on or off by signing in to your Symantec Trust Center account and clicking the Malware tab or signing into your Symantec Managed PKI for SSL console. Specific pages or sections of your website cannot be targeted.

Does this replace my enterprise scanning solution?

No. Symantec's website malware scan is designed to provide additional assurance to business owners and their customers that the site is regularly checked for malicious code. Traditional anti-malware software focuses on the end point: the desktop. Most enterprise scanning solutions are designed to protect employees from downloading or installing malware rather than protecting the company’s website from distributing malware.

What does blacklisted mean?

Because of the potential damage caused by malware, Google, Yahoo, Bing, and other search engines scan and then blacklist or exclude any site found with malware. If your site is blacklisted, it may be blocked entirely or flagged with a security alert to discourage click through. In addition, anti-virus plug-ins to popular browsers can detect malware and block access to infected sites.

How can I protect my site from malware?

Like most thieves, malware hackers look for easy targets—such as a website where malware will go undetected for as long as possible. Posting the Norton Secured Seal on your website is like posting an alarm security sign in your front window. It shows hackers that your site is scanned daily to detect malware.

Symantec™

#1 Most Trusted Digital SSL Security Certificate

Facts are facts. Today, the global juggernaut Symantec™ is the #1 most recognized & trusted security brand on the Internet. There's simply no alternative that offers what Symantec™ does when it comes to website security. Since 1991, Symantec™ has powered the world-renowned anti-virus brand, Norton, and, in 2010, they fittingly acquired VeriSign, the global leader in SSL at that time…Symantec™ now provides you with unsurpassed encryption, trust & the ultimate in brand recognition right at your doorstep to help propel your business to new heights.

Get Symantec SSL With Up To 20% Savings + Free Website Uptime Monitoring

Because we know SSL itself it's not sufficient for your business

With every purchase of Symantec™ SSL certificate with us, we will be issuing one year of Free Website Uptime Monitoring to your account. With this service, you will get instant notifications if your website is down that will prevent your customers from visiting your website.

With this add-on service, you will get instant notifications if your website is down - website down means business lost. Our premier uptime monitoring services comes with unlimited email, SMS & voice notifications with more than 30 monitoring stations around the globe - giving you the best accuracy with very minimum false alarm alert.

Why are we giving this for free? This services usually will cost you more than RM400+/year when you sign up separately with any 3rd party uptime monitoring provider with limited notifications limit but we include this as part of each SSL Certificate you have purchased through us. Simply put, because we understand you are serious on your online business with SSL Security certificate and your website uptime is another important aspect which should be taken care apart from the SSL Security certificate to protect your customer sensitive data. If your website is down, implementing SSL Security certificate will not help to recover your potential visitors & sales as well as your reputation.